Mike Spencer, consultant, Accuvant
Mike Spencer, consultant, Accuvant

During the American Colonial period, population centers were secured with fixed defenses such as walls and watchtowers. The downside of this approach was that not everyone could live inside the walls; the enclosed compounds simply were not large enough. Those who typically lived outside the walls — such as farmers and traders — needed protection, as they were instrumental to the group's survival. In today's business world, you could equate components of the supply chain with the “outsiders” while the “insiders” are those inside your own defenses and support the organization such as human resources, finance and governance groups.

A common method of securing the townships was to organize Ranger units. These small, handpicked units operated outside the safety of the walls, often under the direction of the Governor. Contemporary military units primarily were focused on protecting the settlement by manning the walls and watchtowers and were under military control.

Ranger missions were typically conducted to determine if an attack was forthcoming. A specialty of Ranger units has been (and remains today) conducting intelligence-gathering operations. Similar techniques can be used in the cyber realm of today where a small group, operating outside the firewalls, can scout for signs of impending attack and possibly take steps to mitigate that attack. Knowing an attack is inbound can also allow you to re-align your defenses.

Network security today has similar defensive problems; there are clusters of relatively secure islands spread across expanses of “no man's land.” It would be impractical to bring everyone into the same security zone (and would be against security best practices). However, small units conducting “active reconnaissance” between secure locations could be invaluable for heading off attacks and learning more about how the enemy operates. The more we know about his operational techniques, the better we can configure our defenses to make them more resilient.

Colonial Ranger units usually were funded by the governor of the territory; although, occasionally, a benefactor raised a privately funded unit. No matter how they were funded, Ranger units served the entire region. Throughout history, support for Ranger units has waxed and waned, the primary concern cited was cost.

The truth is that these units were not expensive; they were often supplied with only food, blankets and minimal pay. However, they were such a deviation from “normal” forces that they were politically sensitive. Furthermore, most commanders had no idea of how to incorporate such irregular forces. These same issues could be of concern to a cyber Ranger team and must be considered carefully for the team to have the best chance of success.